π Haveged 1.9.12 π
π Go!
via "Security Tool Files β Packet Storm".
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Haveged 1.9.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Lynis Auditing Tool 3.0.0 π
π Go!
via "Security Tool Files β Packet Storm".
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Lynis Auditing Tool 3.0.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β IcedID Banker is Back, Adding Steganography, COVID-19 Theme β
π Read
via "Threatpost".
The malware has boosted its anti-detection capabilities in a new email campaign.π Read
via "Threatpost".
Threat Post
IcedID Banker is Back, Adding Steganography, COVID-19 Theme
The malware has boosted its anti-detection capabilities in a new email campaign.
π Cybersecurity risks in a possible US manufacturing resurgence π
π Read
via "Security on TechRepublic".
When factories, notably in China, shuttered during the COVID-19 pandemic, products the US relied on were impacted. Here's how experts see a return to "Made in America" and the incumbent risks.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity risks in a possible US manufacturing resurgence
When factories, notably in China, shuttered during the COVID-19 pandemic, products the US relied on were impacted. Here's how experts see a return to "Made in America" and the incumbent risks.
π Microsoft 365 phishing campaign exploits Samsung, Adobe, and Oxford University π
π Read
via "Security on TechRepublic".
The attack redirects users through legitimate websites in an attempt to capture their Microsoft credentials, says Check Point Research.π Read
via "Security on TechRepublic".
π Popular mobile banking apps are riddled with security flaws, and Android users are more at risk π
π Read
via "Security on TechRepublic".
A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts.π Read
via "Security on TechRepublic".
TechRepublic
Popular mobile banking apps are riddled with security flaws, and Android users are more at risk
A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts.
π΄ Adobe Releases PDF Protected Mode for Acrobat DC π΄
π Read
via "Dark Reading: ".
The preview, open to Windows users, opens PDF files in a sandbox to protect users who open malicious Acrobat documents.π Read
via "Dark Reading: ".
Dark Reading
Adobe Releases PDF Protected Mode for Acrobat DC
The preview, open to Windows users, opens PDF files in a sandbox to protect users who open malicious Acrobat documents.
π΄ Have Your Say: Dark Reading Video News Desk Seeks Reader Contributions π΄
π Read
via "Dark Reading: ".
We've got questions for you on black infosec, burnout, vulnerabilities, COVID-19, and much more. Send us your video responses and we'll play them in our News Desk broadcast during Black Hat Virtual.π Read
via "Dark Reading: ".
Dark Reading
Have Your Say: Dark Reading Video News Desk Seeks Reader Contributions
We've got questions for you on black infosec, burnout, vulnerabilities, COVID-19, and much more. Send us your video responses and we'll play them in our News Desk broadcast during Black Hat Virtual.
π PCI SSC Releases New Standard to Secure Devices π
π Read
via "Subscriber Blog RSS Feed ".
A new update to PCI requirements is designed to keep pace with the evolving financial threat environment.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
PCI SSC Releases New Standard to Secure Devices
A new update to PCI requirements is designed to keep pace with the evolving financial threat environment.
ATENTIONβΌ New - CVE-2019-13033
π Read
via "National Vulnerability Database".
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans.π Read
via "National Vulnerability Database".
β Facebookβs FTC-Mandated Privacy Committee Now in Effect β
π Read
via "Threatpost".
Facebook will report its privacy practices to both the committee, the FTC, and to a third-party assessor.π Read
via "Threatpost".
Threat Post
Facebookβs FTC-Mandated Privacy Committee Now in Effect
Facebook will report its privacy practices to both the committee, the FTC, and to a third-party assessor.
β Google Yanks 106 βMaliciousβ Chrome Extensions β
π Read
via "Threatpost".
Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.π Read
via "Threatpost".
Threat Post
Google Yanks 106 βMaliciousβ Chrome Extensions
Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.
π΄ Cisco Patches Flaw in Webex Videoconferencing App π΄
π Read
via "Dark Reading: ".
Vulnerability would have allowed an attacker to gain access to sensitive information on a system, Trustwave's SpiderLab says.π Read
via "Dark Reading: ".
Dark Reading
Cisco Patches Flaw in Webex Videoconferencing App
Vulnerability would have allowed an attacker to gain access to sensitive information on a system, Trustwave's SpiderLab says.
π΄ Healthcare CISOs Share COVID-19 Response Stories π΄
π Read
via "Dark Reading: ".
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.π Read
via "Dark Reading: ".
Dark Reading
Healthcare CISOs Share COVID-19 Response Stories
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.
β Ripple20 bugs set off wave of security problems in millions of devices β
π Read
via "Naked Security".
Security researchers have discovered a handful of game-changing vulnerabilities that spell trouble for dozens of connected device vendors and their customers.π Read
via "Naked Security".
Naked Security
Ripple20 bugs set off wave of security problems in millions of devices
Security researchers have discovered a handful of game-changing vulnerabilities that spell trouble for dozens of connected device vendors and their customers.
π Friday Five: 6/19 Edition π
π Read
via "Subscriber Blog RSS Feed ".
Possible beer shortage caused by ransomware, dating apps expose 845 GB of sensitive data, and Zoom reverses controversial security decision - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 6/19 Edition
Possible beer shortage caused by ransomware, dating apps expose 845 GB of sensitive data, and Zoom reverses controversial security decision - catch up on the week's news with the Friday Five.
β FBI uses T-shirt, tattoo and Vimeo clips to track down alleged arsonist β
π Read
via "Naked Security".
Amazing what online search, social media profiles, a DMV database and cameras everywhere can turn up about us.π Read
via "Naked Security".
Naked Security
FBI uses T-shirt, tattoo and Vimeo clips to track down alleged arsonist
Amazing what online search, social media profiles, a DMV database and cameras everywhere can turn up about us.
β Netgear Zero-Day Allows Full Takeover of Dozens of Router Models β
π Read
via "Threatpost".
An unpatched vulnerability in the web server of device firmware gives attackers root privileges, researchers said.π Read
via "Threatpost".
Threat Post
Netgear Zero-Day Allows Full Takeover of Dozens of Router Models
An unpatched vulnerability in the web server of device firmware gives attackers root privileges, researchers said.
β IBM Maximo Asset Management servers patched against attacks β
π Read
via "Naked Security".
As the name suggests, IBM Maximo is typically used by really big companies to track really huge numbers of assets...π Read
via "Naked Security".
Naked Security
IBM Maximo Asset Management servers patched against attacks
As the name suggests, IBM Maximo is typically used by really big companies to track really huge numbers of assetsβ¦
π΄ 'New Normal' Caption Contest Winners π΄
π Read
via "Dark Reading: ".
Competitors submitted lots of clever virus puns, and the prizes go to ...π Read
via "Dark Reading: ".
Dark Reading
'New Normal' Caption Contest Winners
Competitors submitted lots of clever virus puns, and the prizes go to ...
π΄ How to Secure Machine Learning π΄
π Read
via "Dark Reading: ".
Part two of a series on avoiding potential security risks with ML.π Read
via "Dark Reading: ".
Dark Reading
How to Secure Machine Learning
Part two of a series on avoiding potential security risks with ML.